Data Integrity and Enforcement Actions

December 4, 2016

Regulatory agencies have cited deficiencies in GMP data integrity and data management for at least the past 15 years. Yet it appears that the industry as a whole has made limited progress in self identifying and remediating these deficiencies. Regulators continue to identify the same set of shortcomings including, but not limited to: shared passwords, lack of enabled audit trails, failure to review electronic data, failure to review and investigate all failed testing results and failure to contemporaneously record information just to name a few. Data integrity has been cited in most all warning letters issued outside the US in calendar year 2015, and in most reports of GMP non-compliance posted by the EU in 2015. This posting provides a white paper on data integrity in the pharmaceutical industry. It includes background and history of how we reached the point where this is major focus of regulatory authorities, identification of global regulations and guidance, enforcement actions taken by global regulatory authorities based on deficiencies in this area, and suggested actions that firms can take to address potential vulnerabilities in this area. The paper concludes with an extensive reference list, including links. Two additional documents are provided: one which provides text of all data integrity related deficiencies in FDA warning letters published in calendar year 2015 and the Eudra GMP reports of non-compliance published in 2015.